August 16, 2022

IRS Database Security Could Use a Tuneup

Some of the 2,200 databases that the IRS uses to manage and process taxpayer data are not configured securely, are running out-of-date software, and no longer receive security patches.

Nor has the IRS fully implemented its plans to complete vulnerability scans of its databases — although the IRS spent more than $1.1 million in software licenses and support costs for a database vulnerability scanning and compliance assessment tool, it did not fully implement it. TIGTA used database vulnerability assessment software to conduct remote scans of the primary databases for 13 applications supporting critical tax administration business processes. Its review found high and medium risk vulnerabilities, as classified by the scanning tool in each of the 13 databases. [TIGTA via TaxProf]

Some of the 2,200 databases that the IRS uses to manage and process taxpayer data are not configured securely, are running out-of-date software, and no longer receive security patches.

Nor has the IRS fully implemented its plans to complete vulnerability scans of its databases — although the IRS spent more than $1.1 million in software licenses and support costs for a database vulnerability scanning and compliance assessment tool, it did not fully implement it. TIGTA used database vulnerability assessment software to conduct remote scans of the primary databases for 13 applications supporting critical tax administration business processes. Its review found high and medium risk vulnerabilities, as classified by the scanning tool in each of the 13 databases. [TIGTA via TaxProf]

Latest Accounting Jobs--Apply Now:

Have something to add to this story? Give us a shout by email, Twitter, or text/call the tipline at 202-505-8885. As always, all tips are anonymous.

Related articles

Where TF Is the IRS Supposed to Find 87,000 Agents?

While various factions bicker over the Inflation Reduction Act, we have one question: where is the IRS supposed to find 87,000 agents!? In case you haven’t heard or seen your aunt sharing Impact font memes about it, Senate Democrats want to throw some cash at the IRS (among other things not getting into here): The […]

CPA Firms That Referred Clients to Alliantgroup Have Been Subpoenaed, Asked to Turn Over 11 Years of Client Data

On May 20 the Houston headquarters of R&D tax credit consulting firm Alliantgroup was raided by the IRS, in the weeks since we’ve had plenty of speculation about the whys and we’ve heard countless accounts from current and former Alliantgroup employees about the “evil, toxic, and emotionally damaging company” that employed them. We’ve now learned […]